Configure SSO - Data360_DQ+ - 12.0

Data360 DQ+ AWS Installation

Product: Data360 DQ+ (Software; Data360 product family; Verify portfolio)
Version: 12.0
Locale: en-US
Copyright: 2024
First publish date: 2016
Last publication: 2024-12-12

After installation, you can perform these steps to enable SSO login for your organization. You can configure SAML for a single-tenant deployment of the cloud edition of Data360 DQ+.

Note: If you are enabling SSO, ensure that SSL is also enabled. See Configuring SSL. Ignore this for Kubernetes configuration.
  1. Configure the Identity Provider (IdP) file by setting these claims:

    | Claim | Acceptable values |
    | --- | --- |
    | Email address | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress or emailAddress |
    | Full name | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/name or name |
    | First name | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/givenname or givenName |
    | Last name | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/surname or surname |
    | Group name | http://schemas.xmlsoap.org/claims/Group or Group |
    | Name ID | http://schemas.xmlsoap.org/ws/2005/05/identity/claims/nameidentifier or NameID |

    The IdP metadata must be returned to the Data360 DQ+ installer.

    The IdP file is provided by your Identity Provider (IdP) and contains information that is required by other applications for SSO.

  2. Edit the <deployment_ID>.properties file as follows:

    | Property | Value |
    | --- | --- |
    | IS_SAML_ENABLED | Set to true to enable SSO using SAML. Example: IS_SAML_ENABLED=true |
    | SAML_METADATA_IDP | Specify the path to the Identity Provider (IdP) XML file. |

  3. Ensure that the gradle.sh script is executable by running these commands from the deployment folder:

    chmod +x gradle.sh

    chmod +x gradle-dist/bin/gradle

  4. Generate the Service Provider (SP) metadata file by running the following command:

    gradle.sh currentBuild to-<deployment_ID> generateSamlSpMetadata

    The file is generated in the environments/<deployment_ID> folder.

    Copy the SP metadata file to another location as a backup.

  5. Send the SP metadata file to your SAML Identity Provider (IdP) to establish the trust relationship.
  6. Verify that you have the key store used by Data360 DQ+ at the location specified by the APP_KEYSTORE_FILE property in the <deployment_ID>.properties file. By default, the key store is located at:

    environments/<deployment_ID>/sagacity.jks

    Copy the key store file to another location as a backup.
  7. Your SAML Identity Provider will send you an IdP XML file. Copy this file to a location in the deployment folder. Before redeploying the application, update the <deployment_ID>.properties file to indicate the location of the IdP file by setting the following property:

    SAML_METADATA_IDP

  8. Run the following command:

    gradle.sh currentBuild to-<deployment_ID> deploy

    If you are deploying into Kubernetes, execute this command instead:

    gradle.sh currentBuild to-<deployment_ID> predeploy

  9. Execute the Helm chart from the deploy-helm folder with a command similar to this one:

    helm upgrade myrelease ./dqplus-chart --disable-openapi-validation --debug -f dqplus-chart/values.yaml

    where myrelease is the name you chose for your Helm release. You can specify a different release name, but it must be the same for install and upgrade.

    Note: This is only for Kubernetes deployments. For non-Kubernetes deployments, stop at step 7.
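
As an added example (not part of Data360 DQ+ or its documentation), this Python check compares the attribute names in a decoded SAML assertion from your IdP with the acceptable claim names listed in step 1, which helps diagnose SSO logins that fail because a claim is missing or named differently. The sample assertion is constructed; exact, case-sensitive name matching and treating a Subject NameID element as satisfying the Name ID claim are assumptions.

```python
import xml.etree.ElementTree as ET

SAML = "{urn:oasis:names:tc:SAML:2.0:assertion}"
WS = "http://schemas.xmlsoap.org/ws/2005/05/identity/claims/"

# Claim -> acceptable attribute names, copied from the table in step 1.
ACCEPTED = {
    "Email address": {WS + "emailaddress", "emailAddress"},
    "Full name": {WS + "name", "name"},
    "First name": {WS + "givenname", "givenName"},
    "Last name": {WS + "surname", "surname"},
    "Group name": {"http://schemas.xmlsoap.org/claims/Group", "Group"},
    "Name ID": {WS + "nameidentifier", "NameID"},
}

def check_claims(assertion_xml):
    """Return (missing_claims, unrecognised_attribute_names) for one assertion.

    Diagnostic only: this does not verify the assertion's signature.
    """
    root = ET.fromstring(assertion_xml)
    names = {a.get("Name") for a in root.iter(SAML + "Attribute") if a.get("Name")}
    # Assumption: a <Subject><NameID> element also satisfies the "Name ID" claim.
    if root.find(f".//{SAML}Subject/{SAML}NameID") is not None:
        names.add("NameID")
    # Assumption: names must match the table exactly (case-sensitive).
    missing = sorted(c for c, ok in ACCEPTED.items() if not names & ok)
    known = set().union(*ACCEPTED.values())
    return missing, sorted(names - known)

# Constructed sample: a decoded assertion whose IdP uses "displayName" and
# "groups" instead of the names the table accepts.
SAMPLE = """<saml:Assertion xmlns:saml="urn:oasis:names:tc:SAML:2.0:assertion">
  <saml:Subject><saml:NameID>jdoe@example.com</saml:NameID></saml:Subject>
  <saml:AttributeStatement>
    <saml:Attribute Name="http://schemas.xmlsoap.org/ws/2005/05/identity/claims/emailaddress">
      <saml:AttributeValue>jdoe@example.com</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="givenName"><saml:AttributeValue>Jane</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="surname"><saml:AttributeValue>Doe</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="displayName"><saml:AttributeValue>Jane Doe</saml:AttributeValue></saml:Attribute>
    <saml:Attribute Name="groups"><saml:AttributeValue>dq-admins</saml:AttributeValue></saml:Attribute>
  </saml:AttributeStatement>
</saml:Assertion>"""

if __name__ == "__main__":
    missing, unknown = check_claims(SAMPLE)
    print("Missing claims:", missing)
    print("Unrecognised attribute names:", unknown)
```

Unrecognised names that sit next to a missing claim usually point to the IdP attribute mapping that needs renaming.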